jHackGuard - Security Joomla Extension by SiteGround

jHackGuard

jHackGuard is designed by SiteGround to protect Joomla websites from hacking attacks. Just add it to your Joomla and it will be safe against SQL Injections, Remote URL/File Inclusions, Remote Code Executions and XSS Based Attacks!

We have initially developed jHackGuard to protect our Joomla hosting users. It comes as part of any Joomla installations made through our system and it has been successfully used by thousands of SiteGround customers during the past few years. Seeing the value of this protection, we have decided to make the plugin publicly available to all Joomla users, no matter if they use our hosting services or not.

jHackGuard is a Joomla Security Plugin that protects you by filtering the data from the users' input and implements additional PHP security settings. At the same time the plugin is disabled for the authenticated administrators so that its filters don't prevent them doing administrative tasks.

Our security extension comes pre-configured with a set of rules that are suitable for the majority of the general Joomla websites. Still, if you'd like to tweak it, you can do through your Joomla administrator area. jHackGuard plugin also created its own log and you can debug any unexpected behavior.

If you are still using Joomla 1.5 you should download jHackGuard for Joomla 1.5. However, we strongly recommend that you upgrade your Joomla to 2.5 or higher. Jooomla 1.5 is no longer supported and using it is not secure even if you add a Security Plugin.

2. Upload jHackGuard of your Joomla.

Once you have the Plugin downloaded, you need to login to your Joomla admin panel, go to the Extensions Manager and upload the zipped jHackGuard package that you have downloaded to your local machine.

After installing jHackGuard you will be able to find it listed in the Plug-in Manager. If the plugin list is too long, use the search option. Once you locate the Plugin in the list click on its name to see the details about jHackGuard.

Locating jHackGuard using the search function in the Joomla Plug-in Manager.

To enable the plugin Choose the right status and save your Plugin preferences.

Enabling jHackGuard in Joomla Plug-in Manager.

The default rules of jHackGuard have been preset by our Joomla specialists, based on their experience in fixing a huge number of different Joomla websites vulnerabilities. We recommend the use of the default rules for best plugin performance. However, if you want to make specific changes to its settings, you can do this from the Plugin Manager page in your Joomla Administrative area.

jHackGuard Configuration Options in Joomla Plug-in Manager.

The configurable parameters for the SiteGround Joomla Security Plugin are separated in several groups:

Logging Options

Log File - Here you can enter the file name where the logs about the plugin activities will be kept. The default file name is jHackGuard-log.php. It is stored under the logs folder.

Enable Logging - You can decide whether the plugin activities will be logged.

Disable Upload For Guests - File uploads are disabled for guest users. Members and administrators will still be able to upload files without any problems.

Link Back To SiteGround - adds a link to our site.

Version 1.4.2

Improved logging of recorded events.

Version 1.4.0

Added Joomla 3.0 support.

Version 1.3.4

Fixed bug with the file upload filter check.

Version 1.3.3

Plugin now can be updated via the internal Joomla auto update system.

Version 1.3.2

A brand new "Strict XSS Mode" section has been added in the plugin configuration page.

Location.href will now be filtered when strict mode is enabled.

String.fromCharCode will now be filtered when strict mode is enabled.

Input keys will now be scanned as well (only values were scanned previously) for malicious characters. This might cause issues with 3rd party extensions and as such, a separate option is added to the plugin control panel, which allows you to enable/disable this behavior.

Plugin will now strip PHP and HTML code from the user-agent variable, preventing possible attacks.

All SQL injection rules will now check the context in which they are used and keywords will no longer be stripped from normal sentences.

"Union", "and", "or", "select", "update" and "delete" keywords are now properly detected when URL encoded characters are used (e.g. %6F/%4F and %72/%52 for "or").

File uploads are disabled for guest users. Members and administrators will still be able to upload files without any problems. A control panel option for this feature has been added as well, in case a 3rd party extension requires guests to be able to upload files.

Eval() and base64_decode() functions match is now case-insensitive and will trigger properly.

Fixed a bug in the php.ini file lock obtaining logic. The plugin will now sleep for 0ms - 100ms and will try a maximum of 15 times to obtain a lock on that particular file.